django - ERROR(外部IP):内部服务器错误 - scanproxy?

时间:2013-07-21 13:13:08

标签: django apache security mod-wsgi internal-server-error

我今天收到了关于Django 1.5错误的以下电子邮件。我相信我已正确设置ALLOWED_HOSTS。是否有人试图探测我的网站的漏洞...?或者我错过了什么?我询问探测的原因是因为使用了scanproxy.net主机。

Traceback (most recent call last):

File "/usr/local/lib/python2.7/dist-packages/django/core/handlers/base.py", line 92, in get_response
response = middleware_method(request)

File "/usr/local/lib/python2.7/dist-packages/django/middleware/common.py", line 57, in process_request
host = request.get_host()

File "/usr/local/lib/python2.7/dist-packages/django/http/request.py", line 72, in get_host
"Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): %s" % host)

SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): www.scanproxy.net


<WSGIRequest
path:/p-80.html,
GET:<QueryDict: {}>,
POST:<QueryDict: {}>,
COOKIES:{},
META:{'CONTENT_TYPE': 'text/html',
'DOCUMENT_ROOT': '/var/django/projects/Portfolio',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': 'image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, application/x-shockwave-flash, */*',
'HTTP_ACCEPT_LANGUAGE': 'en-us',
'HTTP_HOST': 'www.scanproxy.net',
'HTTP_PROXY_CONNECTION': 'keep-alive',
'HTTP_USER_AGENT': 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; KuKu 0.65)',
'PATH_INFO': u'/p-80.html',
'PATH_TRANSLATED': '/var/django/projects/Portfolio/apache/django.wsgi/p-80.html',
'QUERY_STRING': '',
'REMOTE_ADDR': '66.197.134.126',
'REMOTE_PORT': '1865',
'REQUEST_METHOD': 'GET',
'REQUEST_URI': 'http://www.scanproxy.net:80/p-80.html',
'SCRIPT_FILENAME': '/var/django/projects/Portfolio/apache/django.wsgi',
'SCRIPT_NAME': u'',
'SCRIPT_URI': 'http://www.scanproxy.net/p-80.html',
'SCRIPT_URL': '/p-80.html',
'SERVER_ADDR': '10.202.250.95',
'SERVER_ADMIN': 'iamadamcooke@gmail.com',
'SERVER_NAME': 'www.scanproxy.net',
'SERVER_PORT': '80',
'SERVER_PROTOCOL': 'HTTP/1.0',
'SERVER_SIGNATURE': '<address>Apache/2.2.22 (Ubuntu) Server at www.scanproxy.net Port 80</address>\n',
'SERVER_SOFTWARE': 'Apache/2.2.22 (Ubuntu)',
'mod_wsgi.application_group': 'iamadamcooke.com|',
'mod_wsgi.callable_object': 'application',
'mod_wsgi.handler_script': '',
'mod_wsgi.input_chunked': '0',
'mod_wsgi.listener_host': '',
'mod_wsgi.listener_port': '80',
'mod_wsgi.process_group': '',
'mod_wsgi.request_handler': 'wsgi-script',
'mod_wsgi.script_reloading': '1',
'mod_wsgi.version': (3, 3),
'wsgi.errors': <mod_wsgi.Log object at 0x7f365219e9f0>,
'wsgi.file_wrapper': <built-in method file_wrapper of mod_wsgi.Adapter object at 0x7f365209d4e0>,
'wsgi.input': <mod_wsgi.Input object at 0x7f36520271f0>,
'wsgi.multiprocess': True,
'wsgi.multithread': False,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 1)}>

1 个答案:

答案 0 :(得分:3)

警报很可能会引发,因为该请求中的 HTTP_HOST 标头与 ALLOWED_HOSTS 中Django配置中定义的主机名不匹配。

假设您的网站是www.mysite.com。通常,DNS配置为将所有请求指向您的站点侦听的IP地址。

但是,没有什么可以阻止我向该IP地址发出请求并在HTTP标头中声明请求发往www.anothersite.com。

在大多数情况下,没有什么特别危害这种行为,但Django开发人员已经确定它足够可疑,需要500响应和警告。

在您的具体情况下,您收到66.197.134.126的请求到您的网络服务器,要求 www.scanproxy.net 。您的网络服务器接受了这个请求并将其转发给Django,后者立即说,嘿,我不是www.scanproxy.net!

那就是说,这是值得关注的吗?这真的取决于你。如果您了解正在发生的事情,您可以自己做出决定。

相关问题
最新问题